<?php
declare (strict_types=1);

namespace app\middleware;

use http\Env\Response;
use think\facade\Cache;
class Check
{
    protected $allowAction = [
      'register',
      'login','notify','upload_img','scope_list','delete_img','test'
    ]; // 不验证token的操作
    /**
     * 处理请求
     *
     * @param \think\Request $request
     * @param \Closure $next
     * @return Response
     */
    public function handle($request, \Closure $next)
    {
//        header('Access-Control-Allow-Origin:http://www.baidu.cn');
        header('Access-Control-Allow-Origin:*');
        header('Access-Control-Allow-Methods:*');
        header('Access-Control-Allow-Headers:*');
        header('Access-Control-Allow-Credentials:false');
        if (!in_array($request->action(true), $this->allowAction)) {
            if (!$request->isPost()) return jsonFail('请采用正确的方式登录!');
//            if ($request->domain(true)!='http://dxsd.jlxmall.com') return jsonFail('非法域名访问',$request->domain(true));
            $token = $request->param('token');
            if (empty($token)) return jsonFail('登录失效 重新登录了',[],202);
            $id = Cache::store('redis')->handler()->get($token);
            if (empty($id)) return jsonFail('登录失效，请重新登录',[],202);
        }
        return $next($request);
    }
}
